The goal of our session is to encourage individuals to exercise their data rights and to urge businesses to make it easier, while embracing this engagement as an opportunity, not a threat.
In this session, we reflect on the more practical, rather than the purely legal issues that arise after the GDPR has been in place for more than a year. Specifically, we discuss a broad set of issues around the implementation of data subjects rights under the GDPR, including:
- Best practices and lessons learned educating about personal data and digital rights.
- How has the GDPR changed data subjects’ access to their personal data?
- How are data controllers implementing it in practice?
- What practical and technical challenges arise for both data subjects exercising their rights under the GDPR and data controllers?
- How can brands and organisations help educate data subjects and connect them to the data they hold on them and empower them to make decisions over its use?
- How can GDPR education be integrated into coursework to motivate students to make use of their own data and encourage them to exercise their legal rights?
The session, through the “GDPR Request Processing” talk, demonstrates how data subjects can use their data today and invites audience participation in creating a map of available tools and processes to make personal data from GDPR requests accessible.
The GDPR provides a great opportunity to tap into personal data sources that were previously hard or not at all accessible. But heterogeneous formats, incompatible tools, and difficult processing cause frustration and limit the potential for general users to adopt MyData ideas in practice.
Presentations in this session:
- One year of GDPR: raising personal data awareness best practices by Ignasi Alcalde
- Bringing MyData into University courses – and what we learned about the GDPR implementation in the process by Elmar Kiesling
- GDPR Request Processing by Christoph Fabianek
- Why the personal data game is like the dating game by J Cromack